@cloudbase/framework-plugin-website
Advanced tools
@cloudbase/framework-plugin-website - npm Package Compare versions
+5
-5
| { | ||
| "name": "@cloudbase/framework-plugin-website", | ||
| "version": "1.9.6-beta.0+9595856f", | ||
| "version": "1.9.6", | ||
| "description": "云开发 Tencent CloudBase Framework Website Plugin 插件", | ||
@@ -32,5 +32,5 @@ "author": "Tencent CloudBase Team", | ||
| "dependencies": { | ||
| "@cloudbase/framework-core": "^1.9.5", | ||
| "@cloudbase/static-builder": "^1.9.5", | ||
| "@cloudbase/static-deployer": "^1.9.5", | ||
| "@cloudbase/framework-core": "^1.9.6", | ||
| "@cloudbase/static-builder": "^1.9.6", | ||
| "@cloudbase/static-deployer": "^1.9.6", | ||
| "@cloudbase/toolbox": "^0.6.0", | ||
@@ -46,3 +46,3 @@ "@types/archiver": "^5.1.0", | ||
| }, | ||
| "gitHead": "9595856f734c421e70ec4348586d0256a008eb07" | ||
| "gitHead": "c45737ec109d95b0fed5a55c59b9376440123dd8" | ||
| } |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Number of low quality alerts
0
-100%- Number of medium supply chain risk alerts
0
-100%Worsened metrics
- Total package byte prevSize
44132
-0.04%